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WHAT IS CLAIMED IS: 



1 1 . A security method for operator access control of a network management system, the 

2 method comprising: 

3 performing an Internet Protocol (IP) filtering to determine whether or not an inputted 

4 Internet Protocol address of an external operator is a preset Internet Protocol address using one of 

5 either a Transmission Control Protocol/Internet protocol (TCP/IP) or a User Datagram 

6 Protocol/Internet protocol (UDP/IP); and 

7 connecting the external operator to a communication system by either inputting an 

8 Identifier/Password or by setting communities upon a determination that the Internet Protocol 

9 address of the external operator is a preset Internet Protocol address . 

1 2 . The security method according to claim 1 , wherein performing an Internet Protocol (IP) 

2 filtering comprises: 

3 a) creating a row after setting a filtering range for objects that are implemented by a 

4 Management Information Base (MIB); 

5 b) selecting whether to discard or accept a Simple Network Management Protocol (SNMP) 

6 packet to be inputted or outputted; 

7 c) selectively accepting a request for the Simple Network Management Protocol (SNMP) 

8 packet if the row is used as an egress policy, while not outputting a response packet; and 

9 d) selectively outputting the response packet for the Simple Network Management Protocol 
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10 (SNMP) packet if the row is used as an ingress policy, while not allowing accepting the request 

1 1 for the Simple Network Management Protocol (SNMP) packet. 

1 3. The security method according to claim 2, wherein creating a row after setting a 

2 filtering range for objects that are implemented by a Management Information Base (MIB) 

3 comprises: 

4 e) determining a Policyld (PId) as to whether or not to adopt a certain packet processing 

5 method; 

6 f) finding a row in a FilterPolicy table, the row having a relevant value based on the 

7 determined Policyld value; 

8 g) reading a pointer value of the row found in the FilterPolicy table; and 

9 h) finding a relevant row in a Filterlp table using the previously read pointer value as an 

10 index number, and then determining whether or not operator access is permitted based on 

1 1 conditions for an Internet Protocol (IP) address and a port number set in the relevant row to 

12 process a packet. 

1 4. The security method according to claim 3, wherein the Filterlp table, in which items 

2 of the conditions for determining whether or not the operator access is permitted are recorded, 

3 comprises: 

4 an index number field using a pointer value corresponding to the policyld as an index, an 

5 Internet Protocol (IP) address field, an Internet Protocol (IP) address mask field, a port number 
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6 field, a protocol field, a control field, and a row status field. 

1 5. The security method according to claim 4, wherein a syntax of each of the index 

2 number field, the port number field, the protocol field, the control field and the row status field is 

3 of an integer type, and 

4 a syntax of each of the Internet Protocol (IP) address field and the Internet Protocol (IP) 

5 address mask field is of an Internet Protocol (IP) address type. 

1 6. The security method according to claim 1 , where the external operator comprises one 

2 of a telnet terminal or an Element Management System (EMS) server. 

1 7. A program storage device, readable by machine, tangibly embodying a program of 

2 instructions executable by the machine to perform a security method for operator access control 

3 of a network management system, the method comprising: 

4 performing an Internet Protocol (IP) filtering to determine whether or not an inputted 

5 Internet Protocol address of an external operator is a preset Internet Protocol address using one of 

6 either a Transmission Control Protocol/Internet protocol (TCP/IP) or a User Datagram 

7 Protocol/Internet protocol (UDP/IP); and 

8 connecting the external operator to a communication system by either inputting an 

9 Identifier/Password or by setting communities upon a determination that the Internet Protocol 

10 address of the external operator is a preset Internet Protocol address . 
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8. The program storage device according to claim 7, wherein performing an Internet 
Protocol (IP) filtering comprises: 

a) creating a row after setting a filtering range for objects that are implemented by a 
Management Information Base (MIB); 

b) selecting whether to discard or accept a Simple Network Management Protocol (SNMP) 
packet to be inputted or outputted; 

c) selectively accepting a request for the Simple Network Management Protocol (SNMP) 
packet if the row is used as an egress policy, while not outputting a response packet; and 

d) selectively outputting the response packet for the Simple Network Management Protocol 
(SNMP) packet if the row is used as an ingress policy, while not allowing accepting the request 
for the Simple Network Management Protocol (SNMP) packet. 

9. The program storage device according to claim 8, wherein creating a row after setting 
a filtering range for objects that are implemented by a Management Information Base (MIB) 
comprises: 

e) determining a Policyld (PId) as to whether or not to adopt a certain packet processing 
method; 

f) finding a row in a FilterPolicy table, the row having a relevant value based on the 
determined Policyld value; 

g) reading a pointer value of the row found in the FilterPolicy table; and 
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9 h) finding a relevant row in a Filterlp table using the previously read pointer value as an 

10 index number, and then determining whether or not operator access is permitted based on 

1 1 conditions for an Internet Protocol (IP) address and a port number set in the relevant row to 

12 process a packet. 

1 1 0. The program storage device according to claim 9, wherein the Filterlp table, in which 

2 items of the conditions for determining whether or not the operator access is permitted are 

3 recorded, comprises: 

4 an index number field using a pointer value corresponding to the policyld as an index, an 

5 Internet Protocol (IP) address field, an Internet Protocol (IP) address mask field, a port number 

6 field, a protocol field, a control field, and a row status field. 

1 11. The program storage device according to claim 1 0, wherein a syntax of each of the 

2 index number field, the port number field, the protocol field, the control field and the row status 

3 field is of an integer type, and 

4 a syntax of each of the Internet Protocol (IP) address field and the Internet Protocol (IP) 

5 address mask field is of an Internet Protocol (IP) address type. 

1 12. The program storage device according to claim 7, where the external operator 

2 comprises one of a telnet terminal or an Element Management System (EMS) server. 
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